|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Objectorg.apache.hadoop.hbase.security.access.TableAuthManager
public class TableAuthManager
Performs authorization checks for a given user's assigned permissions
Method Summary | |
---|---|
boolean |
authorize(User user,
byte[] table,
byte[] family,
byte[] qualifier,
Permission.Action action)
|
boolean |
authorize(User user,
byte[] table,
byte[] family,
Permission.Action action)
|
boolean |
authorize(User user,
byte[] table,
KeyValue kv,
Permission.Action action)
|
boolean |
authorize(User user,
Permission.Action action)
Authorize a global permission based on ACLs for the given user and the user's groups. |
boolean |
authorizeGroup(String groupName,
byte[] table,
byte[] family,
Permission.Action action)
Checks authorization to a given table and column family for a group, based on the stored permissions. |
boolean |
authorizeGroup(String groupName,
Permission.Action action)
Checks authorization for a given action for a group, based on the stored permissions. |
boolean |
authorizeUser(String username,
byte[] table,
byte[] family,
byte[] qualifier,
Permission.Action action)
|
boolean |
authorizeUser(String username,
byte[] table,
byte[] family,
Permission.Action action)
Checks authorization to a given table and column family for a user, based on the stored user permissions. |
boolean |
authorizeUser(String username,
Permission.Action action)
Checks global authorization for a specific action for a user, based on the stored user permissions. |
static TableAuthManager |
get(ZooKeeperWatcher watcher,
org.apache.hadoop.conf.Configuration conf)
|
ZKPermissionWatcher |
getZKPermissionWatcher()
|
boolean |
matchPermission(User user,
byte[] table,
byte[] family,
byte[] qualifier,
Permission.Action action)
|
boolean |
matchPermission(User user,
byte[] table,
byte[] family,
Permission.Action action)
Returns true if the given user has a TablePermission matching up
to the column family portion of a permission. |
void |
refreshCacheFromWritable(byte[] table,
byte[] data)
|
void |
remove(byte[] table)
|
void |
setGroupPermissions(String group,
byte[] table,
List<TablePermission> perms)
Overwrites the existing permission set for a group and triggers an update for zookeeper synchronization. |
void |
setUserPermissions(String username,
byte[] table,
List<TablePermission> perms)
Overwrites the existing permission set for a given user for a table, and triggers an update for zookeeper synchronization. |
void |
writeToZooKeeper(byte[] table,
org.apache.hadoop.hbase.security.access.TableAuthManager.PermissionCache<TablePermission> tablePerms)
|
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Method Detail |
---|
public ZKPermissionWatcher getZKPermissionWatcher()
public void refreshCacheFromWritable(byte[] table, byte[] data) throws IOException
IOException
public boolean authorize(User user, Permission.Action action)
user
- action
-
public boolean authorize(User user, byte[] table, KeyValue kv, Permission.Action action)
public boolean authorizeUser(String username, Permission.Action action)
public boolean authorizeUser(String username, byte[] table, byte[] family, Permission.Action action)
username
- table
- family
- action
-
public boolean authorizeUser(String username, byte[] table, byte[] family, byte[] qualifier, Permission.Action action)
public boolean authorizeGroup(String groupName, Permission.Action action)
public boolean authorizeGroup(String groupName, byte[] table, byte[] family, Permission.Action action)
groupName
- table
- family
- action
-
public boolean authorize(User user, byte[] table, byte[] family, byte[] qualifier, Permission.Action action)
public boolean authorize(User user, byte[] table, byte[] family, Permission.Action action)
public boolean matchPermission(User user, byte[] table, byte[] family, Permission.Action action)
TablePermission
matching up
to the column family portion of a permission. Note that this permission
may be scoped to a given column qualifier and does not guarantee that
authorize() on the same column family would return true.
public boolean matchPermission(User user, byte[] table, byte[] family, byte[] qualifier, Permission.Action action)
public void remove(byte[] table)
public void setUserPermissions(String username, byte[] table, List<TablePermission> perms)
username
- table
- perms
- public void setGroupPermissions(String group, byte[] table, List<TablePermission> perms)
group
- table
- perms
- public void writeToZooKeeper(byte[] table, org.apache.hadoop.hbase.security.access.TableAuthManager.PermissionCache<TablePermission> tablePerms)
public static TableAuthManager get(ZooKeeperWatcher watcher, org.apache.hadoop.conf.Configuration conf) throws IOException
IOException
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |